<?php
// Access control for this page is not visible here: it presumably lives in
// seglogin.php. Confirm that it ends the request for unauthenticated visitors.
require_once '../../../includes/seglogin.php';
// funciones.php is expected to define conexion() and titulo(), both called in this file.
require_once '../../../includes/funciones.php';
// Presumably opens the legacy mysql_* connection: the queries further down call
// mysql_query() without passing a link handle, so they depend on an implicit one.
conexion();
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
<script type="text/javascript" src="../../../includes/despliegue/animatedcollapse.js"></script>


<title><?php /* titulo() is defined outside this file; presumably it echoes the page title. Confirm it emits no user-controlled text unescaped. */ titulo();?></title>
<link rel="STYLESHEET" type="text/css" href="../../../includes/estilo.css"> 
<link rel="shortcut icon" href="favicon.ico">
</head>

<body>
<?php 
    // Shared template fragment pulled in at the top of <body>; its contents are outside this file.
    // The path is a fixed literal, so no request data selects the included file.
    require_once '../../../includes/sources/avatartemplate.php';
?>

<div id="contenedor" align="center">

<div id="logo" >
<!-- <object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="900" height="100">
    <param name="movie" value="bannerzambonet.swf" />
    <param name="quality" value="high" />
	<param name="wmode" value="transparent"> 
    <embed src="../../banner/bannerzambonet.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="860" height="100" wmode="transparent" ></embed>
  </object> -->
</div> 
<!--div logo-->


  <div id="menuhorizontal" align="left">
<?php 
// Navigation bar fragment. The path is a fixed literal, so nothing request-controlled selects the file.
include '../../../includes/sources/botonera.php';
?>
    </div> 
  <!--div menuhorizontal -->
  
 
<div id="areatexto" >

<div id="cuadro">
	<a href="javascript:collapse1.slideit()"><img style="border:0;"  src="../../../images/maximizar.gif"></img></a> 
	<strong>XSS Persistente</strong>
	<div id="concepto">
		<div id="form-comentario">
		<?php 
			// Failure banner. Only the presence of ?error_comentario is tested; its value is
			// never echoed, so no request data reaches the HTML from this block.
			if (isset($_GET['error_comentario'])) {
				echo '<div class="error">¡El comentario no se pudo registrar!</div><br/>';
			}
		?>
			<strong>Escriba su comentario:</strong><br/>
			<span style="text-align:center;"><form name="comentario" action="comentar.php" method="post">
				<textarea name="comentario" id="text-comentario"></textarea><br/>
				<input type="submit" name="sin-solucion" value="comentar"/>
				<input type="submit" name="solucion" value="comentar (solucion)"/>
			</form></span><br/>
		</div>
		<div id="comentarios">
			<?php
			// Lists every stored comment, oldest first, with the author's user name.
			//
			// SECURITY (stored XSS sink): this is the render side of the "XSS Persistente"
			// exercise. Both the comment text and the author name are written into the page
			// with no output encoding, so whatever was stored is interpreted as markup by
			// every visitor who loads this page. Outside a lab, encode at output, e.g.
			// htmlspecialchars($value, ENT_QUOTES, 'UTF-8'). Encoding here also covers rows
			// that were stored before any input-side filter existed.
			// NOTE(review): the form's "solucion" button presumably applies the fix in
			// comentar.php at write time; that file is not visible here. Confirm.
			//
			// The mysql_* extension used below was removed in PHP 7.0; mysqli or PDO with
			// prepared statements is the supported replacement.

			// Constant query string: no request data is concatenated into it.
			$consulta = 'SELECT * FROM comentarios ORDER BY id_comentario ASC';
			// The result is not checked; mysql_query() returns false on failure and the
			// calls below would then receive false instead of a result resource.
			$res = mysql_query($consulta);
			
			if(mysql_num_rows($res)){
				while($reg = mysql_fetch_assoc($res)){
					$id=$reg['usuario_id'];
					// $id is interpolated unquoted into the SQL text. It comes from the database,
					// not the request, but that is only safe if usuario_id is a numeric column
					// (TODO confirm). A bound parameter or an int cast would remove the assumption.
					// This also runs one extra query per comment; a JOIN would fetch the name in the first query.
					$rowusuario=mysql_fetch_array(mysql_query("SELECT usuario_user from usuarios where usuario_id = $id"));
					echo "<div class=\"comentario\">";
					// usuario_user is echoed unescaped; if user names are user-chosen this is a second sink.
					echo "<strong>Id-Comentario:</strong>". $reg['id_comentario']."<br/><strong>Autor:</strong>".$rowusuario['usuario_user']."<br/>";
					// Unescaped stored comment body: the sink described in the header comment.
					echo $reg['comentario']."<br/><br/>";
					echo "</div><br/>";
				}
			}
			else{
				// Shown when the result has no rows.
				echo "<div class=\"comentario\">Todavia usted no ha comentado nada!</div>";
			}
			?>
		</div>
	</div>
	
<script type="text/javascript">
	// Inline script paired with a javascript: href handler. A Content-Security-Policy
	// without 'unsafe-inline' would block both. Moving them to an external file with
	// event listeners is what makes a strict CSP usable as defence in depth for the
	// comment listing above.
	var collapse1 = new animatedcollapse("concepto", 600, false, "block");
</script>	

</div>	
	
<div id="cuadro">	
	<a href="javascript:collapse2.slideit()"><img style="border:0;"  src="../../../images/maximizar.gif"></img></a>
	<strong>Tipos de XSS</strong>
	
	<div id="codes">
	
	<ul type="square">
	<li><strong><A HREF="source.php">Código Vulnerable</A></strong></li>
	<li><strong><A HREF="source.php?solution">Código Solución</A></strong></li>
	</ul>
	</div>
<script type="text/javascript">
	// Collapsible controller for the "codes" panel; animatedcollapse comes from the
	// animatedcollapse.js include in <head>. All arguments are fixed literals.
	var collapse2 = new animatedcollapse("codes", 600, false, "block");
</script>
</div>

<div id="cuadro">		
 	<a href="javascript:collapse3.slideit()"><img style="border:0;"  src="../../../images/maximizar.gif"></img></a> 
	<strong>Más Información</strong>
	<div id ="moreinfo">
		<a href="http://www.alegsa.com.ar/Dic/xss.php">http://www.alegsa.com.ar/Dic/xss.php</a>
	</div>
<script type="text/javascript">
	// Collapsible controller for the "moreinfo" panel; animatedcollapse comes from the
	// animatedcollapse.js include in <head>. All arguments are fixed literals.
	var collapse3 = new animatedcollapse("moreinfo", 600, false, "block");
</script>	
</div>

</div><!-- Cierre Area Texto -->





<div id="piepagina">
<?php 
// Shared footer fragment; its contents are outside this file. Fixed literal path, not request-derived.
require_once '../../../includes/sources/piepagina.php';
?>
</div>

</div>	<!-- Cierre contenedor -->

</body>

</html>